Internet Archive Scholar

A Big Data Architecture for Large Scale Security Monitoring

Samuel Marchal, Xiuyan Jiang, Radu State, Thomas Engel
2014 2014 IEEE International Congress on Big Data  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (590.1 kB)
https://web.archive.org/web/20160926203340/http://orbilu.uni.lu/bitstream/10993/17822/1/PID3179239.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL. The file type is application/pdf.

Network traffic is a rich source of information for security monitoring. However the increasing volume of data to treat raises issues, rendering holistic analysis of network traffic difficult. In this paper we propose a solution to cope with the tremendous amount of data to analyse for security monitoring perspectives. We introduce an architecture dedicated to security monitoring of local enterprise networks. The application domain of such a system is mainly network intrusion detection and
more » ... ntion, but can be used as well for forensic analysis. This architecture integrates two systems, one dedicated to scalable distributed data storage and management and the other dedicated to data exploitation. DNS data, NetFlow records, HTTP traffic and honeypot data are mined and correlated in a distributed system that leverages state of the art big data solution. Data correlation schemes are proposed and their performance are evaluated against several well-known big data framework including Hadoop and Spark.
doi:10.1109/bigdata.congress.2014.18 dblp:conf/bigdata/MarchalJSE14 fatcat:hpklha4aufbrlmquark4cvafji
Citation

Samuel Marchal, Xiuyan Jiang, Radu State, Thomas Engel. "A Big Data Architecture for Large Scale Security Monitoring." 2014 IEEE International Congress on Big Data (2014) 56-63